LAUSR

Previous research works have endorsed the use of delays and clock skews for detecting intrusions or fingerprinting controllers that communicate on the CAN bus. Recently, timing characteristics of CAN frames have been also used for establishing a covert channel for cryptographic authentication, in this way cleverly removing the need for cryptographic material inside the short payload of data frames. However, the main drawback of this approach is the limited security level that can be achieved over existing CAN bus traffic. In this work we significantly improve on this by relying on optimization algorithms for scheduling CAN frames and deploy the covert channel on optimized CAN traffic. Under practical bus allocations, we are able to extract 3–5 bits of authentication data from each frame which leads to an efficient intrusion detection and authentication mechanism. By accumulating covert channel data over several consecutive frames, we can achieve higher security levels that are in line with current real-world demands. To prove the correctness of our approach, we present experiments on automotive-grade controllers, i.e., Infineon Aurix, and bus measurements with the use of industry standard tools, i.e., CANoe.